$ rpki-client -vvf rpki.cernet.net/repo/cernet/0/AS143336.roa File: AS143336.roa (raw, json) Hash identifier: OGUJ/AU7TvU4IxdefHs9CU0SjUJmtBDzEs75Y/Ok8HI= Subject key identifier: 7D:F6:D3:2C:FE:F0:03:32:5F:17:D4:6E:CE:A6:4B:FD:78:DB:AD:1F Certificate issuer: /CN=A91E5D610001/serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Certificate serial: 5DCB0940715C349322C1D00544F236A858C9816A Authority key identifier: 05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject info access: rsync://rpki.cernet.net/repo/cernet/0/AS143336.roa Signing time: Wed 04 Mar 2026 06:07:38 +0000 ROA not before: Wed 04 Mar 2026 06:02:38 +0000 ROA not after: Wed 03 Mar 2027 06:07:38 +0000 asID: 143336 IP address blocks: 240a:a2ae::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 28 Mar 2026 22:54:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:cb:09:40:71:5c:34:93:22:c1:d0:05:44:f2:36:a8:58:c9:81:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5D610001, serialNumber=05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA Validity Not Before: Mar 4 06:02:38 2026 GMT Not After : Mar 3 06:07:38 2027 GMT Subject: CN=7DF6D32CFEF003325F17D46ECEA64BFD78DBAD1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:51:30:6f:e7:2b:18:2b:5e:82:c4:90:c8:c7: 4c:5a:64:b2:ac:f8:f6:33:c4:52:53:f4:a2:b8:31: da:a6:72:02:1e:44:ac:58:9d:b7:8e:2c:37:5f:01: 97:1b:a4:0f:b2:a3:42:28:16:49:4e:2e:48:d9:ac: f7:5b:a7:6c:7b:16:a8:77:24:a8:d6:81:1f:19:ea: 28:8f:d2:97:99:b5:ca:86:28:f1:42:3c:48:cf:77: 83:19:16:b1:c4:d7:1c:0a:02:09:9b:1b:85:10:49: 14:c6:f0:81:56:9e:05:5d:e5:d6:79:65:15:8e:5f: 4c:10:20:e0:8f:35:34:b4:d0:d4:1f:62:90:4c:c0: 22:56:07:b4:62:9b:0e:e8:8a:91:7e:87:0f:62:10: 60:19:2f:3f:40:7a:17:62:fb:67:74:98:b6:2c:54: 66:f9:67:39:a1:19:6a:f2:5c:0a:ef:eb:2a:bf:0c: 52:df:60:cd:16:05:0b:0c:85:90:5a:a5:46:1a:32: 1b:eb:4c:bb:6e:50:28:30:bc:49:7a:5c:ae:89:89: cd:84:e5:51:ff:84:60:3e:43:cd:32:44:b7:03:9c: 8a:e5:8f:a7:da:34:d0:61:24:5a:46:a3:2b:20:46: 1a:32:f8:2d:55:16:8c:8b:dd:d9:e0:d3:cf:a1:cc: 76:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:F6:D3:2C:FE:F0:03:32:5F:17:D4:6E:CE:A6:4B:FD:78:DB:AD:1F X509v3 Authority Key Identifier: keyid:05:FC:9C:5B:88:50:6F:7C:0D:3F:86:2C:88:95:BE:D6:7E:9F:8E:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cernet.net/repo/cernet/0/05FC9C5B88506F7C0D3F862C8895BED67E9F8EBA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BfycW4hQb3wNP4YsiJW-1n6fjro.cer Subject Information Access: Signed Object - URI:rsync://rpki.cernet.net/repo/cernet/0/AS143336.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240a:a2ae::/32 Signature Algorithm: sha256WithRSAEncryption 7a:8f:40:0d:ce:5c:c4:01:c0:fd:e6:41:a4:3d:f7:65:87:38: 68:7f:48:a7:c6:fb:75:25:0d:3f:32:44:4e:80:2a:d4:b1:63: 5d:fe:e3:f4:69:e3:c0:5a:81:f0:ac:bd:c8:8b:54:73:4f:c1: c7:6d:a3:cc:31:d9:b9:97:df:c1:a0:89:1d:c9:26:15:9b:5b: 24:8d:a5:b7:fa:13:62:68:9b:0e:75:0d:e3:b2:4a:95:18:e9: 6e:61:8f:55:2f:87:a3:1c:de:8c:41:4f:71:03:31:6c:c1:db: fb:79:78:d0:94:64:46:60:b2:74:d9:0d:75:17:bc:39:c3:a5: 82:3a:b1:73:b8:c4:33:4a:5e:ef:6a:96:0c:61:fd:0d:fa:9c: 74:c8:a0:e3:46:76:0b:10:32:e6:d0:86:24:bc:66:39:dd:ca: b9:eb:e6:e1:d0:02:ec:3e:61:2d:e9:eb:14:d3:e4:49:11:89: 00:46:34:78:e4:36:3d:31:a0:b9:34:d9:f4:04:72:a0:56:e7: f3:69:b5:a8:56:28:5e:10:2e:27:20:b9:ba:4b:77:06:a9:4e: 60:0e:d2:a0:32:22:77:46:44:aa:31:b5:82:c2:9b:3e:04:31: 7b:82:c3:de:50:4d:99:39:5c:b6:2f:34:b4:0e:1b:1d:82:2d: 3d:a6:17:4d -----BEGIN CERTIFICATE----- MIIE0jCCA7qgAwIBAgIUXcsJQHFcNJMiwdAFRPI2qFjJgWowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxRTVENjEwMDAxMTEwLwYDVQQFEygwNUZDOUM1Qjg4 NTA2RjdDMEQzRjg2MkM4ODk1QkVENjdFOUY4RUJBMB4XDTI2MDMwNDA2MDIzOFoX DTI3MDMwMzA2MDczOFowMzExMC8GA1UEAxMoN0RGNkQzMkNGRUYwMDMzMjVGMTdE NDZFQ0VBNjRCRkQ3OERCQUQxRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMVRMG/nKxgrXoLEkMjHTFpksqz49jPEUlP0orgx2qZyAh5ErFidt44sN18B lxukD7KjQigWSU4uSNms91unbHsWqHckqNaBHxnqKI/Sl5m1yoYo8UI8SM93gxkW scTXHAoCCZsbhRBJFMbwgVaeBV3l1nllFY5fTBAg4I81NLTQ1B9ikEzAIlYHtGKb DuiKkX6HD2IQYBkvP0B6F2L7Z3SYtixUZvlnOaEZavJcCu/rKr8MUt9gzRYFCwyF kFqlRhoyG+tMu25QKDC8SXpcromJzYTlUf+EYD5DzTJEtwOciuWPp9o00GEkWkaj KyBGGjL4LVUWjIvd2eDTz6HMdhUCAwEAAaOCAcUwggHBMB0GA1UdDgQWBBR99tMs /vADMl8X1G7Opkv9eNutHzAfBgNVHSMEGDAWgBQF/JxbiFBvfA0/hiyIlb7Wfp+O ujAOBgNVHQ8BAf8EBAMCB4AwYwYDVR0fBFwwWjBYoFagVIZScnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC8wNUZDOUM1Qjg4NTA2RjdDMEQzRjg2 MkM4ODk1QkVENjdFOUY4RUJBLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUH MAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFE NjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9CZnljVzRoUWIzd05QNFlzaUpXLTFuNmZq cm8uY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9ycGtp LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC9BUzE0MzMzNi5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQK oq4wDQYJKoZIhvcNAQELBQADggEBAHqPQA3OXMQBwP3mQaQ992WHOGh/SKfG+3Ul DT8yRE6AKtSxY13+4/Rp48BagfCsvciLVHNPwcdto8wx2bmX38GgiR3JJhWbWySN pbf6E2Jomw51DeOySpUY6W5hj1Uvh6Mc3oxBT3EDMWzB2/t5eNCUZEZgsnTZDXUX vDnDpYI6sXO4xDNKXu9qlgxh/Q36nHTIoONGdgsQMubQhiS8Zjndyrnr5uHQAuw+ YS3p6xTT5EkRiQBGNHjkNj0xoLk02fQEcqBW5/NptahWKF4QLicgubpLdwapTmAO 0qAyIndGRKoxtYLCmz4EMXuCw95QTZk5XLYvNLQOGx2CLT2mF00= -----END CERTIFICATE-----Generated at Sat Mar 28 11:42:51 2026 by rpki-client